The city of Braga has reaffirmed that data protection and technological security were top priorities in the public procurement of 35 Yutong electric buses, following concerns raised in Norway and Denmark about cybersecurity risks linked to the manufacturer. The municipality states that the contract includes strict rules preventing any unauthorized remote access and guarantees that all data, including black box records, belongs exclusively to the city. Braga also confirms that

The Swedish Authority for Privacy Protection (IMY) is investigating a major data breach at Miljödata, a government software provider, after personal information of up to 1.5 million people was exposed. The leaked data includes names, ID numbers, dates of birth, contact details, addresses, and even sensitive documents such as medical certificates and rehabilitation plans. Much of this information has already appeared on the dark web. Because Miljödata supplies software to 80%

Hyundai is warning customers after a newly confirmed data breach may have exposed the personal information of up to 2.7 million drivers. The breach, traced to Hyundai AutoEver, leaked sensitive data including names, driver’s license numbers, and Social Security numbers. Although the attack happened in February, a months-long investigation means affected customers are only being notified now. Hyundai has brought in cybersecurity experts and is offering two years of free credit

Apple has issued a security alert, urging all users to update their devices immediately. A recently discovered vulnerability could allow hackers or third parties to access locked devices, bypass passcodes, and extract sensitive data. The update is available for iPhone XS and later, several iPad models, Apple Watch, and Macs, fixing the CVE-2025-24200 flaw. The issue affects USB Restricted Mode, originally designed to prevent tools like “GrayKey” from accessing private data. W

Amazon has lost its appeal against a record €746 million ($812M) fine imposed by Luxembourg’s privacy regulator (CNPD) for violating EU GDPR rules. The court sided with the CNPD, which had penalized Amazon for improperly processing personal data. While Amazon is considering further appeals, the ruling underscores Europe’s strict approach to data protection and its willingness to enforce the GDPR at the highest levels. The CNPD also included measures for Amazon to remedy the d

Ireland’s Data Protection Commission (DPC) has fined TikTok €530 million for failing to ensure that European user data transferred to China was protected from access by Chinese authorities. The investigation revealed that TikTok provided misleading information to the DPC and failed to demonstrate that data sent to China would have protection levels equivalent to GDPR standards. While TikTok claims it never shared data with the Chinese government, the DPC found that data was r

Recent court decisions in Germany and at the European General Court are challenging the traditional interpretation of GDPR compensation. Historically, under Art. 82 GDPR, data subjects could only claim damages if they proved actual harm resulting from a GDPR violation. However, recent cases—like Junghans v. Meta and Bindl v. European Commission—suggest that a mere loss of control over personal data or uncertainty about its processing can now qualify as non-material damages, e

The European Commission is preparing changes to the General Data Protection Regulation (GDPR) aimed at reducing administrative burdens for small and medium-sized enterprises (SMEs), while maintaining strong privacy protections. Proposed adjustments may include simplifying data registration requirements for companies with fewer than 500 employees.   The initiative responds to concerns that the current GDPR framework increases compliance costs, creates legal uncertainty due to

Last year, Portugal reported 332 personal data breaches—almost one per day—according to the National Data Protection Commission (CNPD). Incidents ranged from unauthorized access to databases to exposure of sensitive information, affecting both public and private sectors. Experts warn the real number may be even higher, as many breaches go unreported. The CNPD continues to strengthen oversight and educate organizations on data protection, promoting preventive measures like aud

Even after the official opt-out period, there’s no guarantee that Meta won’t use your personal data—posts, photos, messages, and even memories—to train its AI systems. Experts warn that the opt-out process is confusing, fragmented across platforms like Facebook, Instagram, Messenger, and Threads, and often leaves users unsure if their refusal applies to all services. This raises serious concerns about transparency and control over our own information. By agreeing to terms wit

The EU has launched an investigation into X (formerly Twitter) over the use of personal data from EU and EEA users to train its AI models, including Grok. The Irish Data Protection Commission (DPC), acting on behalf of the EU, will examine whether X’s practices comply with key GDPR provisions, especially regarding legality and transparency. This follows X’s commitment in September to stop using certain EU user data for AI training. However, the company continued AI model deve

Researchers have uncovered one of the largest data breaches ever: 16 billion login credentials exposed, from malware and old datasets. Social media, cloud services, corporate tools, and VPNs may have been affected. While no centralized attack on companies like Apple, Google, or Facebook has been confirmed, the leak puts millions of users at risk of identity theft, phishing, and account takeovers. Experts recommend: change your passwords regularly, enable two-factor authentica

According to the House Chief Administrative Officer, WhatsApp poses a high risk due to its lack of transparency in data handling, absence of encryption for stored data, and potential vulnerabilities. Staff are now prohibited from using the app across mobile, desktop, and web versions. Meta, WhatsApp’s parent company, strongly disagrees, insisting the platform offers end-to-end encryption by default and even stronger protections than many of the apps approved by the House. As

Germany’s data protection commissioner has called on Apple and Google to remove the AI chatbot DeepSeek from their app stores, citing...

In 2023, Portugal saw 332 personal data breaches, almost one per day, as reported by the CNPD. A significant case involved the Social...

Chinese AI company DeepSeek is under investigation by several EU data protection authorities over potential GDPR breaches linked to...

Microsoft has made a strategic equity investment in Veeam, a global leader in data protection and ransomware recovery. This move deepens...

Apple has decided to remove its most secure iCloud encryption tool (ADP) for UK users following a government request that would...

According to Bleeping Computer, a study conducted by cybersecurity firm Coveware reveals that only 28% of businesses opted to pay...

According to Fortune, Microsoft is working on prompt shields for its AI chatbots to prevent users from posing "unusual" queries. These...